From: Eli Zaretskii
Newsgroups: gmane.emacs.devel
Subject: Re: A couple of questions and concerns about Emacs network security
Date: Sat, 07 Jul 2018 16:19:40 +0300
Message-ID: <83zhz3i3o3.fsf@gnu.org>
In-reply-to: <20180707081833.37561702@jabberwock.cb.piermont.com> (perry@piermont.com)
Cc: wyuenho@gmail.com, larsi@gnus.org, eggert@cs.ucla.edu, rms@gnu.org, emacs-devel@gnu.org
To: "Perry E. Metzger"

> Date: Sat, 7 Jul 2018 08:18:33 -0400
> From: "Perry E. Metzger"
> Cc: Eli Zaretskii, eggert@cs.ucla.edu, emacs-devel@gnu.org,
>  larsi@gnus.org, wyuenho@gmail.com
>
> There is ample evidence that people in such situations rarely if ever
> understand what the right thing to do is.

That doesn't necessarily mean we need to assume none of them will
understand that, if the considerations are explained in clear terms
that can be mapped to the user's environment.

> There's also another issue we've discovered: at one time, people
> believed having software provide "levels" of security made sense, but
> we now understand based on bitter experience that everyone, whether
> their greatest threat is unimportant or whether their greatest threat
> is a nation state, uses the same software and same default settings
> 99% of the time, so software needs to be built with the needs of
> people under threat in mind.

I don't see how this is relevant, since we are talking about just one
piece of software: Emacs.  For the purposes of this discussion,
whether they use the same browsers or different ones, because we are
not discussing those browsers.
And my personal experience definitely contradicts your "everyone"
claim: e.g., my home network is set up with several non-default
defenses, and so is my smartphone.  Why should we assume a significant
part of Emacs users is in the "everyone" camp?  They did choose to use
Emacs, didn't they?

> And let me repeat, there's excellent field evidence that
> people under threat generally have no technical expertise to make
> serious security decisions, and that includes people with programming
> backgrounds.

You are entitled to your opinions, but I don't agree that we should
design our defaults based on the assumption that we cannot expect our
users to make informed decisions.  I expect that much from Emacs
developers, and I'm certainly not going to behave differently when
such decisions depend on me.

> The other thing is, in spite of the constant claims, running with the
> level of security provided by Firefox or Chrome or Safari isn't the
> least bit inconvenient, so there's no obvious reason not to do at
> least _that_.

One would think that those "constant claims" might just provide such a
reason.  Besides, we don't really follow what those browsers do, so
it's a moot point to argue anyway.